Ransomware takes the spotlight this time, targeting Windows users, production servers and, specifically, drives commonly associated with removable devices and mapped network drives.
For more articles, check out our #onpatrol4malware blog.

New Study: Hospital Breaches Could Be Killing Patients
Source: infosecurity
Data breaches at hospitals appear to be having a serious impact on patient care, increasing mortality rates for years after an incident, according to new research. Read more.

TrickBot variant “Anchor_DNS” communicating over DNS
Source: NTT Security
NTT has observed a TrickBot variant, used in a campaign named Anchor_DNS, being deployed on targets in the financial sector and high impact servers. Read more.

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
Source: TrendMicro
The threat group APT33 has been using about a dozen live Command and Control (C&C) servers for extremely narrow targeting against organizations. Read more.

Strange AnteFrigus Ransomware Only Targets Specific Drives
Source: BleepingComputer
A new and strange ransomware called AnteFrigus is now being distributed through malvertising that redirects users to the RIG exploit kit. Read more.

Cerberus – A new banking Trojan from the underworld
Source: Threat Fabric
In June 2019, ThreatFabric analysts found a new Android malware, dubbed “Cerberus”, being rented out on underground forums. Read more.

PureLocker: New Ransomware-as-a-Service Being Used in Targeted Attacks Against Servers
Source: Intezer
We have found a new and undetected ransomware threat that is being used for targeted attacks against production servers of enterprises. Read more.

Buran Ransomware; the Evolution of VegaLocker
Source: McAfee
McAfee’s Advanced Threat Research Team observed how a new ransomware family named ‘Buran’ appeared in May 2019. Buran works as a RaaS model like other ransomware families such as REvil, GandCrab (now defunct), Phobos, etc. Read more.

Threat Alert: TCP Amplification Attacks
Source: Radware
Throughout 2019, Radware’s Threat Research Center (TRC) and Emergency Response Team (ERT) have been monitoring and defending against an increasing number of TCP reflection attacks. Read more.

New JavaScript Skimmer ‘Pipka’ Targeting eCommerce Merchants Identified
Source: Visa
Visa PFD’s eTD program identified a new JavaScript skimmer that targets payment data entered into payment forms of eCommerce merchant websites. Read more.

Experts report a rampant growth in the number of malicious, lookalike domains
Source: Security Affairs
Cyber security firm Venafi announced it has uncovered lookalike domains with valid TLS certificates that appear to target major retailers. Read more.

Antivirus vendors and non-profits join to form ‘Coalition Against Stalkerware’
Source: ZDNet
Ten organizations today announced the creation of the Coalition Against Stalkerware, the first global initiative of its kind, with the sole purpose of fighting against stalkerware. Read more.

Fake Windows Update Spam Leads to Cyborg Ransomware and Its Builder
Source: Trustwave
Recently, fake Microsoft Windows Update emails contain just one sentence in their email body, which starts with two capital letters. It directs the recipient’s attention to the attachment as the “latest critical update”. Read more.